TABLE OF CONTENTS Advanced security tools often depend on functionality implemented by other security tools. Because of this fact, a security tool author has a decision to make between writing new code and reusing code from an existing security tool. As with any type of code reuse, reusing functionality from an existing code base enables benefits such as faster development cycles.
Reusing existing code depends largely upon how it is written. The best scenario is if the desired code is self-contained and easily includable (such as a C++ class or a DLL) into your development project. This is largely not the case, however, and it is often necessary to port the code into a self-contained module.
The type of module the code is integrated into varies depending upon the project s requirements. The most common scenarios include C++ classes and dynamic link libraries. But what happens when the requirements change, or when a new tool is developed in a different language? The same process of integration is performed, or the code is scrapped and rewritten.
This chapter explores a different type of module integration that allows code to be accessed in a language-independent and even host-independent manner: by using the Component Object Model (COM). You will learn what COM is, how it can be implemented easily using Active Template Library (ATL), and how to integrate it directly into an existing security tool, followed by an example.
A good understanding of the Component Object Model (COM) theory is important in developing applications based...
